urlscan.io logo urlscan.io
SecurityTrails logo

auth.uber.com Open in urlscan Pro
34.98.127.226  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://accounts.uber.com/communication
Effective URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0...
Submission: On October 26 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 8 IPs in 2 countries across 6 domains to perform 28 HTTP transactions. The main IP is 34.98.127.226, located in Kansas City, United States and belongs to GOOGLE-CLOUD-PLATFORM, US. The main domain is auth.uber.com. The Cisco Umbrella rank of the primary domain is 44739.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on September 30th 2022. Valid for: a year.
This is the only time auth.uber.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 104.36.197.136 63086 (UBER-PROD)
5 34.98.127.226 396982 (GOOGLE-CL...)
13 13.33.100.107 16509 (AMAZON-02)
2 54.192.150.105 16509 (AMAZON-02)
2 142.251.10.102 15169 (GOOGLE)
1 23.15.110.17 16625 (AKAMAI-AS)
1 35.190.2.11 15169 (GOOGLE)
3 142.251.10.84 15169 (GOOGLE)
1 74.125.24.94 15169 (GOOGLE)
28 8
1    104.36.197.136 (United States)

ASN63086 (UBER-PROD, US)
accounts.uber.com
5    34.98.127.226 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 226.127.98.34.bc.googleusercontent.com
auth.uber.com
13    13.33.100.107 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-33-100-107.sin2.r.cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
2    54.192.150.105 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-192-150-105.sin2.r.cloudfront.net
www.cdn-net.com
2    142.251.10.102 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f102.1e100.net
apis.google.com
1    23.15.110.17 (Singapore, Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a23-15-110-17.deploy.static.akamaitechnologies.com
appleid.cdn-apple.com
1    35.190.2.11 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 11.2.190.35.bc.googleusercontent.com
six.cdn-net.com
3    142.251.10.84 (United States)

ASN15169 (GOOGLE, US)
PTR: sd-in-f84.1e100.net
accounts.google.com
1    74.125.24.94 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f94.1e100.net
www.gstatic.com
Apex Domain
Subdomains		 Transfer
13 cloudfront.net
d3i4yxtzktqr9n.cloudfront.net
296 KB
6 uber.com
accounts.uber.com — Cisco Umbrella Rank: 384702
auth.uber.com — Cisco Umbrella Rank: 44739
19 KB
5 google.com
apis.google.com — Cisco Umbrella Rank: 112
accounts.google.com — Cisco Umbrella Rank: 83
59 KB
3 cdn-net.com
www.cdn-net.com — Cisco Umbrella Rank: 14603
six.cdn-net.com — Cisco Umbrella Rank: 12787
44 KB
1 gstatic.com
www.gstatic.com
35 KB
1 cdn-apple.com
appleid.cdn-apple.com — Cisco Umbrella Rank: 3191
17 KB
28 6
Domain Requested by
13 d3i4yxtzktqr9n.cloudfront.net auth.uber.com
5 auth.uber.com d3i4yxtzktqr9n.cloudfront.net
3 accounts.google.com apis.google.com
auth.uber.com
www.gstatic.com
2 apis.google.com d3i4yxtzktqr9n.cloudfront.net
apis.google.com
2 www.cdn-net.com d3i4yxtzktqr9n.cloudfront.net
www.cdn-net.com
1 www.gstatic.com accounts.google.com
1 six.cdn-net.com www.cdn-net.com
1 appleid.cdn-apple.com d3i4yxtzktqr9n.cloudfront.net
1 accounts.uber.com 1 redirects
28 9

This site contains no links.

Subject Issuer Validity Valid
*.uber.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-30 -
2023-10-03		 a year crt.sh
*.cloudfront.net
Amazon		 2022-02-01 -
2023-01-31		 a year crt.sh
*.cdn-net.com
Amazon		 2021-12-29 -
2023-01-27		 a year crt.sh
*.apis.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
appleid.cdn-apple.com
Apple Public EV Server RSA CA 2 - G1		 2022-04-19 -
2023-05-19		 a year crt.sh
*.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
accounts.google.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2022-09-26 -
2022-12-19		 3 months crt.sh

This page contains 2 frames:

Primary Page: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Frame ID: 6CED5484A46946ABFAE5E8C937C93F2C
Requests: 24 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/iframe
Frame ID: 713E060B0E6E6D6C4227162D81C215CA
Requests: 4 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Uber

Page URL History Show full URLs

  1. https://accounts.uber.com/communication HTTP 302
    https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommun... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • appleid\.auth\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/platform\.js
Overall confidence: 100%
Detected patterns
  • apis\.google\.com/js/[a-z]*\.js

Page Statistics

28
Requests

100 %
HTTPS

0 %
IPv6

6
Domains

9
Subdomains

8
IPs

2
Countries

469 kB
Transfer

1316 kB
Size

12
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://accounts.uber.com/communication HTTP 302
    https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

28 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
auth.uber.com/v2/
Redirect Chain
  • https://accounts.uber.com/communication
  • https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
99 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
06454ce5f9e107b174d3fc29563b35235194e797d8103554873699faca5bebab
Security Headers
Name Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-77f637a8-86bf-485d-9447-af16933e2f1d' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
max-age=0
content-encoding
gzip
content-security-policy
block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-77f637a8-86bf-485d-9447-af16933e2f1d' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
content-type
text/html; charset=utf-8
date
Wed, 26 Oct 2022 01:18:00 GMT
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
via
1.1 google
x-content-type-options
nosniff
x-envoy-upstream-service-time
201
x-frame-options
SAMEORIGIN
x-uber-edge
e4-phx5:w:7
x-xss-protection
1; mode=block

Redirect headers

cache-control
max-age=0
content-encoding
gzip
content-type
text/html
date
Wed, 26 Oct 2022 01:17:59 GMT
location
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
server
ufe
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
1
x-frame-options
SAMEORIGIN
x-uber-edge
e4-phx4:w:10
x-xss-protection
1; mode=block
client-main-083d164c784bb281.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		165 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-083d164c784bb281.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
78fcded1c2ffd2fe2987bfee620325944d1cbdf4111cde1dbef397974f5d8a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:27 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22473
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
2004
content-length
30549
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 17:45:27 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
vmK08bw1k_1_Syb5uh6ut_iOGBxUY49JXY2vcgxL0q7V_fNCNVbNTQ==
x-uber-edge
e4-dca1:w:128
client-vendor-react-a1861447980d5ec4.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		208 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-react-a1861447980d5ec4.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
644edc6356157e3c937ae0d565a0b1ee7555ecddb32a192dbffe85bdb1601e98
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
108355
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
64
content-length
62072
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 20:55:47 GMT
server
ufe
etag
"4ec723ee80d73144581cfe991060b744"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
D76PDtfLkFIu9w_Y0KtdvQvP3ZyttOeaSZ_ENqEMEmOzRnud8mMs3Q==
x-uber-edge
e4-dca11:w:50
client-vendor-fusion-f36b821f84160b03.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		137 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-f36b821f84160b03.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
25a4dc26a0e63e88a4f9d54741880536717ead5610e6dd2af5bc370771951f0b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
108355
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
94
content-length
37356
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 20:55:48 GMT
server
ufe
etag
"f8cbc526be2f3dde768c8a3a8810b9ef"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
pJ6jtuf8OKRpk8POoNFWD1pp6_oM-65s0Dm3M6Y9_5e4PqxKBM7WUw==
x-uber-edge
e4-dca4:w:59
client-6017-bed5632f40c3e908.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		194 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-6017-bed5632f40c3e908.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
f3ac492598fe0340b067298b221265e1db04de7216cf5f2834b64bc7978625c1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:12:05 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
108355
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
120
content-length
51003
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 20:55:47 GMT
server
ufe
etag
"9b8f416c36b302347c28658570b76def"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
n1MVUPIcxiPo5Vdlqgabw3Ml9Mhd4PIHbUQisshog0JZmMZuPsXheQ==
x-uber-edge
e4-dca1:w:64
client-4866-d6cbcec4814a8cfc.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		16 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-4866-d6cbcec4814a8cfc.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
005443db38ba208914a6c35455f592e1ab0cde78febfc43e3c15f82ca9cd3ac8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 19:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
108352
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
69
content-length
4062
x-xss-protection
1; mode=block
last-modified
Fri, 21 Oct 2022 20:55:47 GMT
server
ufe
etag
"bfffe0c7ad59b2588768ceaab4f08cf8"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
bWYTQUUdJ_3RFHjIn2b6CjYOIR2fVd9p9GC7WNKk6XqbQmv1EtZtDg==
x-uber-edge
e4-dca8:w:34
client-8741-a502c0a5d8af4f4f.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-8741-a502c0a5d8af4f4f.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
e88568247b8b27d18a917e2fa02c42ae22a3ea086aa6138e19be7199d1c2e3f4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22476
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
58
content-length
4273
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 18:08:09 GMT
server
ufe
etag
"eed2854450ff75f96f8fd1ce7576766a"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
A0GmegDgJnGqiAjAJZYQPlEKuBXBXrrMGDKQ1J9-Ykexlb50Dp57kw==
x-uber-edge
e4-dca4:w:75
client-8978-a3ab9c0501db23ae.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-8978-a3ab9c0501db23ae.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
dcd3cf904f56a39e6cd4c6e01f21a55cbe71e4e2bc7439e9bbe12085d96eae36
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22475
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
59
content-length
6095
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 18:08:09 GMT
server
ufe
etag
"7f97e261bc3698e9f2b331f96a04519b"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
4AC2Wsi2DxqZfYnILxY2oBEF9SFH2HkyefNnGbTSZbkrM1At3ihqOQ==
x-uber-edge
e4-dca8:w:43
client-9426-b3c92b16c7c8d4a9.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-9426-b3c92b16c7c8d4a9.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
d704817a148202771fdb9977e8f5d231312f1110b0b13a2d09e9aef293aeeff3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22476
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
54
content-length
3188
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 18:08:09 GMT
server
ufe
etag
"14dffd8cbade16f1e70214eae76de7b5"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
hmJA2aFL-pkgQrbhDIV86YUkKKSf3dbAjSR-ppho3rnRD2v4q1qA-Q==
x-uber-edge
e4-dca4:w:117
client-9811-ee1d26d1cc27b9bf.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-9811-ee1d26d1cc27b9bf.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
a9b74fbcfba1de3a409bab3f472461220d38e31592a08cba4a4186872bca78b9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22476
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
52
content-length
6579
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 18:08:09 GMT
server
ufe
etag
"4856a098c3440a3f3c89ed0545e57a86"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
538QxDJg2E7_WOo410VOdlTgL54VgUveLdKvRlYz9GCx6M3RwkPdEw==
x-uber-edge
e4-dca8:w:68
client-runtime-c13eb8f63e100e00.js
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-runtime-c13eb8f63e100e00.js
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
558c2f6e49423aca85253facbb0442328173c306f525da84bc4bad6fa4896728
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Tue, 25 Oct 2022 19:03:25 GMT
content-encoding
br
x-content-type-options
nosniff
strict-transport-security
max-age=31536000
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
22476
x-cache
Hit from cloudfront
x-tb-source
terrablob
x-envoy-upstream-service-time
72
content-length
2101
x-xss-protection
1; mode=block
last-modified
Tue, 25 Oct 2022 18:08:09 GMT
server
ufe
etag
"0ffe6e0b70608cac6bb4de4686b0f0bb"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
rpc-service
terrablob-gateway-tier3
accept-ranges
bytes
timing-allow-origin
*, *
x-uber-app
terrablob-gateway-tier3
x-amz-cf-id
1tHVMxnqg8ZDOtvf8DznesktbRTSTtWHFUa14j0-QPuz8m-KHW42Gw==
x-uber-edge
e4-dca8:w:86
816252b1ce5a5050.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/816252b1ce5a5050.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:32:39 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
110721
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
7
content-length
32596
x-xss-protection
1; mode=block
last-modified
Fri, 14 Oct 2022 16:13:50 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
2J2XyZHBGbCryZRpg6HTsF0JJFSQ1DWDfApg5Sfz5yeKQshaLPPnUw==
x-uber-edge
e4-dca1:w:29
df4998612acf89b1.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		26 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/df4998612acf89b1.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 18:32:40 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
110720
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
65
content-length
26584
x-xss-protection
1; mode=block
last-modified
Fri, 14 Oct 2022 16:13:50 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
iIyz83z1rBDt92Rxc-62a-_7oj6boweAFreNdrLPtziHA6Bti9oLOw==
x-uber-edge
e4-dca11:w:57
cf91dd9830a4bf06.woff2
d3i4yxtzktqr9n.cloudfront.net/arch-web/ 		27 KB
27 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://d3i4yxtzktqr9n.cloudfront.net/arch-web/cf91dd9830a4bf06.woff2
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.33.100.107 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-33-100-107.sin2.r.cloudfront.net
Software
ufe /
Resource Hash
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 19:44:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 9b42888bacc8273877421321cf54240a.cloudfront.net (CloudFront)
x-amz-cf-pop
SIN2-P2
age
365628
x-cache
Hit from cloudfront
x-envoy-upstream-service-time
8
content-length
27332
x-xss-protection
1; mode=block
last-modified
Fri, 14 Oct 2022 16:13:50 GMT
server
ufe
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, OPTIONS
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
vary
Accept-Encoding
timing-allow-origin
*, *
x-amz-cf-id
F9Zj64yubD0miUKA9ZZB6m74i7oOHxwXuHPAK9Q0OwF1NW-3X81Mng==
x-uber-edge
e4-dca1:w:114
_events
auth.uber.com/v2/ 		2 B
202 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-f36b821f84160b03.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
x-csrf-token
x
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Oct 2022 01:18:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
164
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-phx3:w:35
cc.js
www.cdn-net.com/ 		41 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/cc.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-6017-bed5632f40c3e908.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-105.sin2.r.cloudfront.net
Software
openresty/1.11.2.3 /
Resource Hash
487b91e7556e83efb2af1ce4734c23a58c00044515902ae01637176b4c7fc93f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 26 Oct 2022 01:18:02 GMT
Via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
Server
openresty/1.11.2.3
X-Amz-Cf-Pop
SIN2-C1
X-Cache
Miss from cloudfront
Content-Type
application/javascript
X-OneAgent-JS-Injection
true
Cache-Control
private, no-cache, proxy-revalidate
X-IA-Request-ID
3ab1feb38055d1f1bb4d7dd439ec9ed3
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
Content-Length
41817
X-Amz-Cf-Id
srUq6aB_fW16hKIscczA__YV_e-EkBri71fuHFVVk817mCv9ltuXwQ==
platform.js
apis.google.com/js/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/js/platform.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-083d164c784bb281.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f102.1e100.net
Software
sffe /
Resource Hash
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-security-policy
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gapi-team
content-encoding
gzip
x-content-type-options
nosniff
date
Wed, 26 Oct 2022 01:18:02 GMT
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20361
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="gapi-team"
etag
"40c22a9ccbd70870"
vary
Accept-Encoding
report-to
{"group":"gapi-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gapi-team"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
private, max-age=1800, stale-while-revalidate=1800
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 26 Oct 2022 01:18:02 GMT
appleid.auth.js
appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/ 		42 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-main-083d164c784bb281.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.15.110.17 Singapore, Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-15-110-17.deploy.static.akamaitechnologies.com
Software
Apple /
Resource Hash
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload

Request headers

Referer
https://auth.uber.com/
Origin
https://auth.uber.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Encoding
gzip
Date
Wed, 26 Oct 2022 01:18:03 GMT
Last-Modified
Tue, 18 Oct 2022 20:58:34 GMT
Server
Apple
ETag
W/"42671-1666126714519"
Vary
accept-encoding
Content-Type
application/javascript;charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=86400,stale-while-revalidate=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17247
cb=gapi.loaded_0
apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/ 		108 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Requested by
Host: apis.google.com
URL: https://apis.google.com/js/platform.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f102.1e100.net
Software
sffe /
Resource Hash
3fb5faca196d014d886352f6dd986173f55941fe43c43dc3e409faa77ed12ed7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Fri, 21 Oct 2022 11:28:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
395391
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/social-frontend-mpm-access
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36448
x-xss-protection
0
last-modified
Sat, 30 Jul 2022 15:17:53 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="social-frontend-mpm-access"
vary
Accept-Encoding
report-to
{"group":"social-frontend-mpm-access","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/social-frontend-mpm-access"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Sat, 21 Oct 2023 11:28:12 GMT
6.js
six.cdn-net.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://six.cdn-net.com/6.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.2.11 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
11.2.190.35.bc.googleusercontent.com
Software
/
Resource Hash
1a18fc335605969f1b475c6a0f7e7e91f1adf21a6a4ac0d988bcbeb732bac81b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:18:03 GMT
cache-control
no-cache, no-store, max-age=0
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1042
content-type
application/javascript
et.js
www.cdn-net.com/ 		98 B
836 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.cdn-net.com/et.js
Requested by
Host: www.cdn-net.com
URL: https://www.cdn-net.com/cc.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
54.192.150.105 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-192-150-105.sin2.r.cloudfront.net
Software
openresty/1.11.2.3 /
Resource Hash
1c144e497f9e2a688b172960a6a68ba6058cd39c66ab919eb04f266874ef1c81

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://auth.uber.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date
Wed, 26 Oct 2022 01:18:03 GMT
Via
1.1 b854b2dbed0b7eb7e4e055e04c5ae48a.cloudfront.net (CloudFront)
Server
openresty/1.11.2.3
X-Amz-Cf-Pop
SIN2-C1
ETag
"MWNmZTBiOGMtMmM5NS00NjdiLWEyZjktNWVhYjcyYzk5NzU3OjE2NjY3NDcwODMwODM"
X-Cache
Miss from cloudfront
Content-Type
application/javascript
X-OneAgent-JS-Injection
true
Cache-Control
public, max-age=31536000
X-IA-Request-ID
1470fa524afc5d276952c2148d9d1a33
Connection
keep-alive
Server-Timing
dtSInfo;desc="1"
Content-Length
98
X-Amz-Cf-Id
NFunMmjEHwtPZeLHvLpZ9Rj0C4YiDCNmW9HZ_uh70TLmQThga1zkBw==
udi-meta
auth.uber.com/v2/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/udi-meta
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-f36b821f84160b03.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
x-csrf-token
x
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
content-type
application/json

Response headers

date
Wed, 26 Oct 2022 01:18:03 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
cache-control
max-age=0
x-envoy-upstream-service-time
727
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
x-uber-edge
e4-phx4:w:85
iframe
accounts.google.com/o/oauth2/ Frame 713E 		283 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframe
Requested by
Host: apis.google.com
URL: https://apis.google.com/_/scs/abc-static/_/js/k=gapi.lb.en.z9QjrzsHcOc.O/m=auth2/rt=j/sv=1/d=1/ed=1/rs=AHpOoo8359JQqZQ0dzCVJ5Ui3CZcERHEWA/cb=gapi.loaded_0?le=scs
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
ESF /
Resource Hash
934508a704193b384db7bb61fe55ce76fa0fc71e26b14b6ce9f0a4139b3bfe2f
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-bIBFMNWUxYCdBgjwF0-Jqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://auth.uber.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-encoding
gzip
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport script-src 'report-sample' 'nonce-bIBFMNWUxYCdBgjwF0-Jqw' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self' script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-opener-policy
same-origin; report-to="IdpIFrameHttp"
cross-origin-resource-policy
cross-origin
date
Wed, 26 Oct 2022 01:18:03 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma
no-cache
report-to
{"group":"IdpIFrameHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/IdpIFrameHttp/external"}]}
server
ESF
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
x-xss-protection
0
_events
auth.uber.com/v2/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-f36b821f84160b03.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 26 Oct 2022 01:18:04 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
329
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-phx2:w:27
cspreport
accounts.google.com/_/IdpIFrameHttp/ Frame 713E 		2 KB
914 B 		Other
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/_/IdpIFrameHttp/cspreport
Requested by
Host: auth.uber.com
URL: https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
GSE /
Resource Hash
658683e8c2d89f890c06d9978d4c7c6edb6ec141855466e9f9649bbd2061e627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
application/csp-report

Response headers

pragma
no-cache
date
Wed, 26 Oct 2022 01:18:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
content-type
text/html; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
1; mode=block
expires
Mon, 01 Jan 1990 00:00:00 GMT
m=base
www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.fg7dcrrBUbE.es5.O/d=1/rs=AOaEmlHnbA6LKb80FHeJ1ZHd_Wn0DYzr1A/ Frame 713E 		99 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.fg7dcrrBUbE.es5.O/d=1/rs=AOaEmlHnbA6LKb80FHeJ1ZHd_Wn0DYzr1A/m=base
Requested by
Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/iframe
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.94 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f94.1e100.net
Software
sffe /
Resource Hash
1711bcf51360263d65e004533d807702eca8d293cf6a7e5aa194630f20ca11dd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://accounts.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Mon, 24 Oct 2022 22:01:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
98221
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/boq-infra/identity-boq-js-css-signers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34836
x-xss-protection
0
last-modified
Fri, 14 Oct 2022 21:48:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="boq-infra/identity-boq-js-css-signers"
vary
Accept-Encoding, Origin
report-to
{"group":"boq-infra/identity-boq-js-css-signers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/boq-infra/identity-boq-js-css-signers"}]}
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
expires
Tue, 24 Oct 2023 22:01:03 GMT
iframerpc
accounts.google.com/o/oauth2/ Frame 713E 		49 B
95 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://accounts.google.com/o/oauth2/iframerpc?action=checkOrigin&origin=https%3A%2F%2Fauth.uber.com&client_id=89939265457-enilmfbsacgcj2b7qq3sc7jc51u5b3ge.apps.googleusercontent.com
Requested by
Host: www.gstatic.com
URL: https://www.gstatic.com/_/mss/boq-identity/_/js/k=boq-identity.IdpIFrameHttp.en_US.fg7dcrrBUbE.es5.O/d=1/rs=AOaEmlHnbA6LKb80FHeJ1ZHd_Wn0DYzr1A/m=base
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.251.10.84 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sd-in-f84.1e100.net
Software
ESF /
Resource Hash
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
Security Headers
Name Value
Content-Security-Policy require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-dxsqGIRYPO9EhzbN2oGTgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://accounts.google.com/o/oauth2/iframe
X-Requested-With
XmlHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date
Wed, 26 Oct 2022 01:18:04 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
content-security-policy
require-trusted-types-for 'script';report-uri /_/IdpIFrameHttp/cspreport, script-src 'report-sample' 'nonce-dxsqGIRYPO9EhzbN2oGTgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/IdpIFrameHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/IdpIFrameHttp/cspreport/allowlist
content-encoding
gzip
cross-origin-embedder-policy
require-corp
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy
same-site
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
content-type
application/json; charset=utf-8
cache-control
private, max-age=3600
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
expires
Wed, 26 Oct 2022 01:18:04 GMT
_events
auth.uber.com/v2/ 		2 B
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://auth.uber.com/v2/_events
Requested by
Host: d3i4yxtzktqr9n.cloudfront.net
URL: https://d3i4yxtzktqr9n.cloudfront.net/arch-web/client-vendor-fusion-f36b821f84160b03.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.98.127.226 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
226.127.98.34.bc.googleusercontent.com
Software
ufe /
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://auth.uber.com/v2/?breeze_local_zone=phx3&next_url=https%3A%2F%2Faccounts.uber.com%2Fcommunication&state=0SfrW0rorlFK_n4Xjk7bT71ni5yXNF28BYmrGakO5HQ%3D
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Wed, 26 Oct 2022 01:18:06 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
via
1.1 google
server
ufe
x-frame-options
SAMEORIGIN
content-type
text/plain; charset=utf-8
cache-control
max-age=0
x-envoy-upstream-service-time
315
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
x-xss-protection
1; mode=block
x-uber-edge
e4-phx3:w:93

Verdicts & Comments Add Verdict or Comment

26 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| onbeforeinput object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails function| queryLocalFonts object| navigation string| __FUSION_ASSET_PATH__ string| __NONCE__ string| __ROUTE_PREFIX__ object| webpackChunkFusion function| setImmediate function| clearImmediate object| _cc object| gapi object| ___jsl number| script_loaded_time object| collector object| inauthNamespace string| collectorNamespaceName object| __DEFAULT_NAMESPACE object| osapi object| AppleID

12 Cookies

Domain/Path Name / Value
.accounts.uber.com/ Name: state
Value: JF0333C63bI0EH.1666747979862.GLrHvSUy/CpBdxlpLejg1bypq+qgtiEkbrPtBbpzDn8=
.uber.com/ Name: usl_rollout_id
Value: f4a14416-30d1-417d-8fac-f9d73f34b4d9
auth.uber.com/ Name: _ua
Value: {"session_id":"c4dc5f8d-c8d4-42cf-9468-5cc484223e29","session_time_ms":1666747080331}
.uber.com/ Name: marketing_vistor_id
Value: 76457c3e-f07b-477b-a561-58c6dad8f94d
.uber.com/ Name: x-uber-analytics-session-id
Value: 93d3efa1-853a-49b2-857d-616dcc244c9e
auth.uber.com/ Name: udi-id
Value: i1aP5hkmclsyP141fLRuDf/uT4E0RXgBFRK3RYy5rVijG+nqkKETuklGC61JbcfL/X0F7OHbhLGIcljDEogXgNNPH3phn3PCeY4IwMRoRQVlrwi+hFDJcGhUcsSCyFzh29ITaM2o2uprix07JzlExAuegOPePUOfjSBLxQzxhSXx368yclKR71qtyDEyoaIXBnasufJdLzy9lu+6TpqxKQ==KwPkHSlYSwIYugtNVjn2Pg==AgI/davVQxJrda0rZyqXchgNATlmWd0woormB5y2DBI=
auth.uber.com/ Name: jwt-session
Value: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpYXQiOjE2NjY3NDcwODAsImV4cCI6MTY2NjgzMzQ4MH0.tN-GQ8H_ztWbF-P4Dd9sQ_innYdDfwuUzCcZy7iZ4rA
www.cdn-net.com/ Name: _cc-x
Value: ZWU4NWMzMmEtNjBjMi00MWViLWJmMmEtM2E5OWViNjczYTU0OjE2NjY3NDcwODI0NTE
auth.uber.com/ Name: _cc
Value: AU1GoOQm2C4Ipp3%2FMlxOoPO9
.auth.uber.com/ Name: G_ENABLED_IDPS
Value: google
auth.uber.com/ Name: udi-fingerprint
Value: MSMuR3jFjMjdZgJoFFR54T6B96hJvqBY/ac6CPJqa8mC7xIZGQ/7Uty00KAJwj/I1HwCjVzi2iWbzT46bAv2yw==9EWMOdyeEg0rcWO3gEtwHU8rCwQrncJnI65dHHoVxlg=
.google.com/ Name: NID
Value: 511=iwalIPNKuwogHWk1Wi4-nyP1qRS1-WtSrRpqWk-570m3D9d6xOu6zF0i0x1v3nmxyMt9TNkT-j06NF8CCTv2cj0KKGKuj2xjG8Ui03h3xmSJgL2scUuujSm_xBVcYA_I-YgET62pDPdBNu2FRhhTGahrcyFpAAZS3bBS8xaXcdU

2 Console Messages

Source Level URL
Text
security error (Line 6)
Message:
This document requires 'TrustedScript' assignment.
network error URL: https://accounts.google.com/_/IdpIFrameHttp/cspreport
Message:
Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy block-all-mixed-content; frame-src 'self' https://accounts.google.com 'self' https://staticxx.facebook.com 'self' https://www.google.com/recaptcha/ https://recaptcha.google.com/recaptcha/; worker-src 'self'; child-src 'self'; connect-src 'self' https://cn-geo1.uber.com https://accounts.google.com https://*.cdn-net.com https://api-js.mixpanel.com; manifest-src 'self'; form-action 'self'; frame-ancestors 'self'; object-src 'none'; script-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com 'nonce-77f637a8-86bf-485d-9447-af16933e2f1d' https://accounts.google.com 'self' https://apis.google.com 'self' 'unsafe-eval' https://appleid.cdn-apple.com/appleauth/static/jsapi/appleid/1/en_US/appleid.auth.js 'self' https://connect.facebook.net/en_US/sdk.js 'self' https://js.braintreegateway.com/v1/braintree.js https://*.cdn-net.com https://www.google.com/recaptcha/ https://www.gstatic.com/recaptcha/ https://www.google-analytics.com https://ssl.google-analytics.com maps.googleapis.com maps.google.com; style-src 'self' 'unsafe-inline' https://d1a3f4spazzrp4.cloudfront.net https://d3i4yxtzktqr9n.cloudfront.net https://tb-static.uber.com https://tbs-static.uber.com https://accounts.google.com; report-uri https://csp.uber.com/csp?a=arch-web&ro=false
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
accounts.uber.com
apis.google.com
appleid.cdn-apple.com
auth.uber.com
d3i4yxtzktqr9n.cloudfront.net
six.cdn-net.com
www.cdn-net.com
www.gstatic.com
104.36.197.136
13.33.100.107
142.251.10.102
142.251.10.84
23.15.110.17
34.98.127.226
35.190.2.11
54.192.150.105
74.125.24.94
005443db38ba208914a6c35455f592e1ab0cde78febfc43e3c15f82ca9cd3ac8
06454ce5f9e107b174d3fc29563b35235194e797d8103554873699faca5bebab
0da425eaadbec3853cae0b85493ea7ad6934972097b4f59d2a05dbb130585444
1711bcf51360263d65e004533d807702eca8d293cf6a7e5aa194630f20ca11dd
1a18fc335605969f1b475c6a0f7e7e91f1adf21a6a4ac0d988bcbeb732bac81b
1c144e497f9e2a688b172960a6a68ba6058cd39c66ab919eb04f266874ef1c81
25a4dc26a0e63e88a4f9d54741880536717ead5610e6dd2af5bc370771951f0b
3576315cd3d7d61ebb88904b9ecc12d4c71068753e90813efc628e8574255c5c
3fb5faca196d014d886352f6dd986173f55941fe43c43dc3e409faa77ed12ed7
4836b6031bc4af96767f0121fa458714583340054aea6338ef99a1bc4011f43b
487b91e7556e83efb2af1ce4734c23a58c00044515902ae01637176b4c7fc93f
4927e04442677656c87e761f24d15f970516a75a88096536426a5c9325ef5ca6
558c2f6e49423aca85253facbb0442328173c306f525da84bc4bad6fa4896728
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
60e60bf2583cf7444b00a4b0b8d46de5fd5816f768fc72fd71c643357132df69
644edc6356157e3c937ae0d565a0b1ee7555ecddb32a192dbffe85bdb1601e98
658683e8c2d89f890c06d9978d4c7c6edb6ec141855466e9f9649bbd2061e627
78fcded1c2ffd2fe2987bfee620325944d1cbdf4111cde1dbef397974f5d8a2d
934508a704193b384db7bb61fe55ce76fa0fc71e26b14b6ce9f0a4139b3bfe2f
a9b74fbcfba1de3a409bab3f472461220d38e31592a08cba4a4186872bca78b9
d704817a148202771fdb9977e8f5d231312f1110b0b13a2d09e9aef293aeeff3
dcd3cf904f56a39e6cd4c6e01f21a55cbe71e4e2bc7439e9bbe12085d96eae36
e47350f76dfe82a97ab9d7104741da2fe4a96d1a63cd0599e095af351feff0a8
e88568247b8b27d18a917e2fa02c42ae22a3ea086aa6138e19be7199d1c2e3f4
f3ac492598fe0340b067298b221265e1db04de7216cf5f2834b64bc7978625c1